Vmware Vmware Aria Operations
12 CVEs affecting Vmware Vmware Aria Operations. Latest disclosed: 2026-02-25. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-22719 | High | 8.1 | 2026-02-25 | VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which… |
CVE-2026-22720 | High | 8.0 | 2026-02-25 | VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to injec… |
CVE-2025-41244 | High | 7.8 | 2025-09-29 | VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having a… |
CVE-2025-22231 | High | 7.8 | 2025-04-01 | VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privilege… |
CVE-2024-38831 | High | 7.8 | 2024-11-26 | VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious comman… |
CVE-2024-38830 | High | 7.8 | 2024-11-26 | VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerabili… |
CVE-2025-22222 | High | 7.7 | 2025-01-30 | VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to… |
CVE-2024-38832 | High | 7.1 | 2024-11-26 | VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious scr… |
CVE-2024-38833 | Medium | 6.8 | 2024-11-26 | VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious sc… |
CVE-2024-38834 | Medium | 6.5 | 2024-11-26 | VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject ma… |
CVE-2026-22721 | Medium | 6.2 | 2026-02-25 | VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this… |
CVE-2025-41245 | Medium | 4.9 | 2025-09-29 | VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit th… |